Member Avatar for karthick_pmk

i am try to compare the Stored-password and Salted Password for the Experiment. Now i have a Stored Password and Salted-password., Stored-password having 72-byte and Salted-password having 18-bytes only, but i facing problem on comparison, how can i compare the both of them.. Here my Code :

 RandomAccessFile raf = new RandomAccessFile(fileName, "r");
 final byte[] stored = new byte[(int) raf.length()]; 
 // in File : "9F3F4E45C0B58B410333D5CB45EB94B708285E80E77F85E1545B9CED25044EAF9158EADB";
 String saltedPw="2013527f8d155ecf0";

 byte[] saltedPassword=bc.getBytes();
 byte[] sha1 = MessageDigest.getInstance("SHA-1").digest(saltedPw);
 byte[] md5 = MessageDigest.getInstance("MD5").digest(saltedPw);
 byte[] hashed=(toHex(sha1)+toHex(md5)).getBytes();
 Arrays.equals(hashed, stored);    // its mismatching here

I compared both of them but its mismatching. what is the problem on that.. how can i get the Pin-number.. Anyone help me...

Thanks in Advance.. :)

Edited by peter_budo because: Java general question, you may get faster reply here
  • 2 Contributors
  • 1 Reply
  • 245 Views
  • 1 Week Discussion Span
  • Latest Post Latest Post by Ewald Horn
Member Avatar for Ewald Horn

Ah, the whole idea of the stored password is to have random bits in there to confuse you. I don't think it's going to be easy to extract the PIN from the store, that would mean PIN's on devices would be completely useless.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.